Archive

If you’re a network administrator, you already know how critical it is to have tools at your disposal to keep you apprised of the status of your network and its connected systems. Among the gazillion different apps for Windows, there are numerous different tools and utilities that can aid in network administration. Colasoft’s Capsadesktop application for Windows is one such highly feature-laden, comprehensive network analyzer that can help you in analyzing both your LAN and WLAN in real-time. The application carries a wide array of features including 24 hour network monitoring, advanced protocol analyses, in-depth packet decoding and capturing, and automatic diagnosis.

The software can be deployed in a number of scenarios and usage needs, for instance, troubleshooting various network related issues, analyzing your networks performance and pinpointing any bottlenecks, detecting malicious activities in the network, for example, presence of virus or worm, as well as debugging other similar problems.

Capsa is a freeware program but you need a free license key in order to activate it. To get your license, simply fill in the sign up form at Capsa’s website and the developer will email the key to you.

Once you have received the key, enter it in the ‘Serial Number’ field during the setup wizard, enable ‘Activate Online’ and click Next.

Capsa basically comprises of two different windows. The one that pops up upon launch, looks fairly understandable. It carries two tabs at the top labeled Capture and Replay. Under Capture, you can select the network interface you require to monitor or analyze. As stated earlier, Capsa works well with all wired and wireless interfaces, including Bluetooth, Wi-Fi and Ethernet. And toggling an interface displays its bandwidth stats in real time.

Capsa houses a number analyses profiles, and it’s up to the users which profile they want to deploy. For an in-depth analyses, you can choose Full Analyses, but if you need to analyze different network modules separately you can do that too by choosing the appropriate profile name. These analyses types include Traffic, HTTP, Email, DNS, FTP and IM. After selecting the analyses type, you can click ‘Start’ to initiate the capture process.

The main window of Capsa then shows up, providing a wide range of statistics and analysis results. The Ribbon-like UI of Capsa carries a menu bar at top, the main Ribbon, a node explorer to the left, status bar, and the main view at center. You can also stop and resume the capture process anytime. The application displays various different kinds of information and its up to the users how they approach with the analyses of the network.

The sub-tabs within the main view section of Capsa allow you to navigate between various sub sections, fourteen in total, such as statistics, logs, reports, graphs, data packets, diagnosis results and so on. There’s also a Node Explorer to the left which gives an overview of physical and IP addresses of the network, giving you a general understanding of your network.

Capsa also lets you save captured packets by exporting the results as a Capsa-compatible file and save it to your hard disk. You can then replay the same file later from the ‘Replay’ tab that I mentioned earlier. To do that, click Replay button when Capsa is relaunched, under Replay tab, click Add, select the packet file you saved and click Start to initiate replay.

Overall, Capsa is an extremely useful and feature-rich program if you need to monitor and analyze various aspects of the network. Besides its Free version that we reviewed, it also comes in Enterprise and Professional editions both of which offer additional features. It works on all versions of Windows.

A few weeks back, I was invited by Colasoft to take a look at their Capsa 7 Enterpriseanalyzer. Having a little time off around the holidays, I finally got around to spending a couple of hours with the product. This hardly constitutes an in-depth review, but I can share some of the first impressions this interesting and powerful tool made on me during playtime.

I was vaguely familiar with Colasoft, having looked at some of their rather nifty freebies (like a multi-host ping tool) in the past. Wanting to get oriented before digging in, I popped in on the website to see what the promise of Capsa 7 Enterprise amounts to. Lifted from Colasoft’spages:

Key Features of Capsa Enterprise:

Real-time packet capture as well as the ability to save data transmitted over local networks, including wired network and wireless network like802.11a/b/g/n;

Identify and analyze more than 500 network protocols, as well as network applications based on the protocol analysis;

Identify “Top Talkers” by monitoring network bandwidth and usage by capturing data packets transmitted over the network and providing summary and decoding information about these packets;

Overview Dashboard allows you to view network statistics at a single glance, allowing for easy interpretation of network utilization data;

Diagnose and pinpoint network problems in seconds by detecting and locating suspicious hosts;

Ability to Map the traffic, IP address, and MAC of each host on the network, allowing for easy identification of each host and the traffic that passes through each;

Visualize the entire network in an ellipse that shows the connections and traffic between each host.

It’s a pretty ambitious feature set, for a $995 price tag. (“Enterprise” differs from “Professional” in that Professional doesn’t do WLAN.) Capsa is only available for Windows (all versions), and this is a laptop analysis tool rather than a datacenter-racked super-sleuther. Also- WLAN support includes up to 802.11n, but not .11ac yet.

That’s the intro, but how does the product actually perform? I’ll admit to being impressed.

Though I know my way around plenty of CLIs, I’m a UI guy- I hate sucky, confusing, ill-laid out interfaces. Colasoft passes my muster in this regard- Capsa 7 packs a surprising amount of analysis info into a peppy and nicely designed dashboard. Having little Ethernet in my home these days and not wanting to get up off my duff to set up a wired test scenario (it’s the holiday break, after all) I aimed most of my tire-kicking at my home WLAN environment (currently a mix of Aerohive and Meraki). As with any analysis tool, you start by selecting your adapter, and in this case a WLAN channel and one or more SSIDs, and off you go- no AirPcap needed or any sort of special drivers (I tested it with a number of adapters, all did well).

You get variety of analysis profiles to pick from (Full, Traffic Monitoring, Security, HTTP, Email, DNS, FTP, Instant Messaging), and deep views into the gory details of 802.11/802.3 packets as you would with any competing tool. You also get just a nice range of different views that feel AirMagnet-y (or WildPackets-y) at times, but what you don’t get is any of the spectrum type channel plots that MetaGeek gives. Short of that, Capsa 7 is pretty comprehensive.

My “testing” amounted to generating a bunch of nothing-special network traffic both locally and across the Internet, and then drilling into it looking for anyplace I might want to go for analysis that Capsa fell short on. There just wasn’t any.

I am intrigued enough to play further, and my fully-functional eval copy will also get turned loose on my big WLAN when I get back to work to see how it does in the presence of an enterprise-grade 802.1x Wi-FI environment with a ridiculous order of magnitude more clients than I have at home. If there is anything good or bad to add, I’ll come back and amend this post.

We are very glad to share with you that Capsa for WiFi, a professional and powerful wireless network analyzer is coming very soon. Not for long, it will officially be the new member of Colasoft Capsa network analyzer family.

Capsa Testing Group, dedicated to advancing the understanding and practice of Capsa software testing, is now established and waiting for your participation!

Join us in the effort to develop a better Capsa for WiFi by enrolling to Capsa Testing Group. You will not only have the chance to make a difference and get your needs implemented into the product, but also win an ipad and free license.

Wireless technology is one of the most fast-growing network technologies. It has been spreading rapidly around the company, campus, public area etc. Unfortunately, many implementations are being done without attention to issues of security and authentication. As a result, many wireless networks are set up so that anyone with mobile equipment can access, even from outside the building. Anyone with the proper equipment can also spy on traffic. The problem with WLAN users is that very few understand how their data is sent through the air, much less comprehend the associated risks.

Recently a study discovered that 40 – 50% of the wireless users aren’t implementing any form of protection. Some wireless networks are encrypted with WEP key, which is significantly less secure than WPA. To prove my point, I randomly scanned wireless networks around my office building and found out 7 WLANs were encrypted by WEP keys, one network unencrypted among 15 SSID received. It takes no more than 10 minutes to crack a WEP password by BT3. WPA has helped to increase the security available to wireless network. But a good dictionary may brute forcing a WPA password when the pre-defined key is weak.

Due to the broadcasting nature of radio propagation at typical Wi-Fi frequencies, anyone on the street or in the neighborhood will have chance to access to it. A whole subculture has sprung up of people going around, scanning for open wireless nodes, and publicizing them to people who want free wireless access. Capsa for WiFi helps network administrators manage access control by monitoring access IP addresses and security. Capsa for WiFi can detect all access IP addresses as well as peer hosts activities, to monitor network activities and identify network penetration and scanning anomalies. More specifically, any wireless engineers can use Capsa for WiFi to lock down network intruders, monitor clients’ online activities, and spot malware like worms, ARP attacks, Trojan horses etc. To deploy Capsa for WiFi is as simple as to connect your Caspa for WiFi equipped station with a common wireless card to your AP and enable traffic capturing on the fly. You can realize wireless network management without setting up port mirroring.

We are very excited to share with you that the beta version of Capsa for WiFi is now available to public download. We’re sincerely inviting you to help us test Capsa for WiFi, your valuable feedback will be highly appreciated.

Capsa for WiFi is a powerful and professional wireless network analyzer for 802.11a/b/g/n networks which is compatible with all NDIS 6.0 wireless adapters. Capsa for WiFi shares not only the friendly user interface, but also the great capacity of capturing, analyzing and reporting that Capsa network analyzer has.